Security and IR Labs at CEIC Focus on Advanced Malware and Attack Analysis

CEIC 2015 is just a few weeks away and we’re excited to meet with you face-to-face on the show floor and in the conference sessions earmarked for cybersecurity and incident response professionals. If your cybersecurity journey seems to grow more complicated with each passing CEIC event, this is the year you won’t want to miss.

Incident response as a discipline is still largely misunderstood and under-implemented, mainly because enterprises struggle to understand the changing security landscape and the need to be prepared for the inevitable cyber attack. To help you better understand these changes, we've developed new sessions and labs for CEIC 2015 to help you take incident response to the next level.

More Advanced, Technical Labs Will Help You Understand the Root Cause of a Cyber Attack

In addition to offering topics for newcomers on incident response, CEIC will dig deep this year into advanced technical analysis of malware and attacks so you can be more confident before, during or after a cyber attack. The push to develop more analytical, leading-edge topics began with two critical questions we hear incident responders ask:

What really happened? Incident response teams are often too focused on remediation, without a deep understanding of how the cyber attack was orchestrated, what tools were used, and so on.

Are we still exposed? When that deep understanding is lacking, incident response teams can miss vital information when cleaning up after an attack, leaving your company vulnerable and/or compromised.

Take a look at some of the labs and lectures highlighted here that address these issues, as well as a powerful lineup of seasoned incident response professionals bringing them to you:

Jamie Levy from The Volatility Foundation will lead you through a fascinating hands-on technical lab on memory forensics, which is the analysis of memory images from endpoints to identify potential malware.

Jessica Bair from Cisco Security will teach you to leverage Cisco AMP Threat Grid’s threat intelligence service during a security investigation through a technical integration between EnCase and Threat Grid.

A veteran of 30+ years, Attorney Gordon Calhoun will help you to evaluate a disk for insider threats.

Security/Defense Research Analyst Nik Roby from KEYW Corporation will put you in the attacker’s seat as you learn to use an attack framework representative of the exploitation kits available for sale on the black market.

You’ll also get a technical preview of EnCase 8, with a completely new set of technologies designed to make enterprise-wide querying of endpoint data more accessible and useful for endpoint security.

This is just a small sampling of the 11 sessions in the Cybersecurity and Incident Response track that will bring you closer to the most advanced incident response techniques, including analyzing disk-based and memory-based artifacts, so you can better understand the root cause of a cybersecurity attack.